Resources
11 April 2021
The short story about Clubhouse user scraping and social graphs
During this RedTeam testing, we used Clubhouse as a social engineering tool to find out more about our client's employees. UPDATE: While we were preparing this article for publication, cybernews.com reported: 1.3 million scraped user records leaked online for ...
16 March 2020
r00kie-kr00kie. Exploring the kr00k attack
We created and published a PoC exploit of the kr00k attack (CVE-2019-15126): https://github.com/hexway/r00kie-kr00kie All technical details can be found in the Process section. INTRODUCTION AND MOTIVATION In February 2020, ESET released the KR00K - CVE-2019-15126 SERIOUS VULNERABILITY DEEP INSIDE ...
29 January 2020
Piercing the Shield. Breaking the FunctionShield cloud security library
We've found a vulnerability in FunctionShield, a cloud security library, that allows bypassing its tightest restrictions completely. All technical details can be found in the "Process" section. Cloud computing platforms are highly common these days. Fortunately, the times when ...
8 October 2019
Apple bleee. Everyone knows What Happens on Your iPhone
Users value their privacy, and Apple understands that. We even see related PR activities. "What happens on your iPhone, stays on your iPhone." Let's see if it's true. If Bluetooth is ON on your Apple device everyone nearby can ...
25 July 2022
July 2022. 0.43 version. Custom issue statuses & status sync.
July was pretty intense for us as Hexway was getting ready to present a new pack of awesome features. It’s no joke, the stakes are high! So, meet this month’s winners: Custom issue statuses Status sync between Hive & Apiary ...
15 June 2022
June 2022 Hive & Apiary update. 0.41 version. PPTX reporting & Vulnerability linking
Wow... New Apiary & Hive. Meet version 0.41! It’s time to shed light on our latest updates and features that will make you happy! What’s in this amazing update? PPTX reports! Present results like a real pro with visualized and ...
26 April 2022
April 2022 Hive & Apiary 0.39 version. Multi-Factor Authentication and Checklist Cards
Hello, Hexway users! Today we have released a pack of features you may want to start using already today. This release mostly affects Apiary features — our Blue Team workspace for a systematized work with pentest findings on the client’s ...
31 March 2022
Hexway Hive 0.37.1 version. Checklists and methodologies sync with Apiary
Let’s say there is a typical pentest report. Basically, it’s just a PDF file with all found vulnerabilities. Normally, this would be enough. But if pentest company wants clients to be loyal and returning, they may want to think of ...
3 March 2022
Hive 0.36 version. New report generator & custom issues
Introduction First of all, we want to share this fantastic news with you… We have added what you wanted for so long! It’s an updated (super cool) report generator and (also super cool) customizable issues! *Yay* So, it’s time for ...
22 December 2021
Hive 0.33.1 version. Log4J & issue statuses
A vulnerability was found aaaand fixed, don't worry! What's in this update? Log4j vulnerability fix Draft & Ready issue statuses Bugfix we hope will make your life better! Log4j vulnerability fix You've definitely heard about this whole Log4j vulnerability situation. ...
15 November 2021
Hive 0.30.1 version. Nuclei & Amass integrations
Hey, hexwayers! We are happy to have all of you here. So, let's take a short tour around our new update. We’ve added Nuclei and Amass scanners integration. Yay! What’s in this update? Nuclei scanner export Amass scanner export Interface ...
22 September 2021
Hive 0.27 version. Labor dashboard & notifications
Hey Hexwayers & our guests! A new day brings you a new release. What’s in it for you today? Cross-project pentesters labor dashboard Notification system update Utility name import via API Bugfix & other small upgrades Let’s have a closer ...
29 June 2021
Hive 0.23 version. Advanced import, project dashboard, credential store and more!
We listen to your feedback (BTW, here is our Discord) and are trying to implement new features as fast as possible. Meet new Hive features: Advanced import settings Project Dashboard Main View Pagination Credential store Small bug fixes Advanced import ...
16 June 2021
Hive API. The easiest way to integrate your tool with Hexway Hive
Hi there! Currently, Hexway Hive supports integration with the following utility tools: Nmap/Masscan Metasploit Cobalt Strike Nessus However, there are much more tools we want our solution to be integratable with. That said, many teams use proprietary tools, and we're ...
31 May 2021
Hive 0.20.1 version. New parser engine and Metasploit & Cobalt Strike integration
New parser engine We have completely redesigned the operation principles of our parsing system and have changed data visualization in the interface! Now, when you click on a hostname, IP, or port, the Import tab is available on the right ...
21 April 2021
Hexway Hive 0.13.1 version. Nessus integration
We can’t wait to share an important Hive update with you! Now you can import scan results from Nessus directly. This improvement should facilitate the discovery stage of the pentesting process covered by Hive. Much has been done to make ...
12 March 2021
Hexway Hive online demo version is out!
We understand that sometimes to test a new product you need sufficient time for preparation and installation. That’s why we’ve decided to publish this Hive online demo. This version should make it easier to work with our pentest collaborative tool ...
25 July 2022
July 2022. 0.43 version. Custom issue statuses & status sync.
July was pretty intense for us as Hexway was getting ready to present a new pack of awesome features. It’s no joke, the stakes are high! So, meet this month’s winners: Custom issue statuses Status sync between Hive & Apiary ...
13 July 2022
CYBERSECURITY NEWS V. June – Cloudflare outage, Roblox sells ransomware, City of Palermo suffers from cyberattack
News FYI Italian city of Palermo services and operations suffer from cyberattack The Italian city of Palermo has been hit by a cyberattack that has affected a range of services and operations. The incident affected the city's video surveillance systems, ...
28 June 2022
How does Hive save up to 6 hours on each pentest project?
Hexway Hive is an intelligent Red Team workspace made by pentesters for other red teamers to keep some time on the most interesting security things instead of spending time on routine parts. “A very nice work, very responsive interface even ...
15 June 2022
June 2022 Hive & Apiary update. 0.41 version. PPTX reporting & Vulnerability linking
Wow... New Apiary & Hive. Meet version 0.41! It’s time to shed light on our latest updates and features that will make you happy! What’s in this amazing update? PPTX reports! Present results like a real pro with visualized and ...
6 June 2022
CYBERSECURITY NEWS V. May – Apple Patches Exploited Vulnerabilities, Costa Rica declares national emergency after cyberattacks
News FYI Apple Finally Patches Exploited Vulnerabilities in macOS Big Sur and Catalina Apple released security updates to fix dozens of vulnerabilities in its operating systems, and released long-awaited patches for macOS Big Sur and Catalina that address exploited vulnerabilities ...
27 May 2022
Essential Pentest Tools for Each Testing Phase
During penetration testing, testers use a methodical approach to identify vulnerabilities and recommend fixes in a company environment before they can be exploited by real threat actors. A pentest is a systematic and multi-phase process. During each phase, pentesters leverage ...
11 May 2022
CYBERSECURITY NEWS V. April – Lapsus$ Hackers Target T-Mobile, Coca-Cola under cyber attack
News FYI The Bored Ape Yacht Club's Discord server has been hacked An unknown hacker has broken into the official Discord server dedicated to NFT holders Bored Ape Yacht Club, Mutant Ape Yacht Club and Mutant Ape Kennel Club - ...
30 April 2022
Top 4 Methodologies for Efficient Penetration Testing
Penetration testing is a proactive security test where a pentester or ethical hacker deliberately attacks the organization’s network and systems. The goal is to proactively find and fix existing security gaps before they can be exploited by bad actors. Over ...
26 April 2022
April 2022 Hive & Apiary 0.39 version. Multi-Factor Authentication and Checklist Cards
Hello, Hexway users! Today we have released a pack of features you may want to start using already today. This release mostly affects Apiary features — our Blue Team workspace for a systematized work with pentest findings on the client’s ...
13 April 2022
Why Hexway Hive Report Generator is Ahead of Other Reporting Tools
Penetration Testing is a great way to gain insight into the security capabilities, shortcomings, and scope for improvement for any company. While pentest is an essential tool to maintain a competitive edge over hackers, the efficacy of the test depends ...
5 April 2022
CYBERSECURITY NEWS V. March – Anonymous declares cyberwar, Samsung source code leak, Denso under cyberattack
hexway cybersecurity blog brings you the latest news about attacks and data breaches, emerging malware, and vendor security updates News FYI Samsung confirms source code leak The South American hacker group Lapsus$ hacked into Samsung networks. It claimed to have ...
31 March 2022
Hexway Hive 0.37.1 version. Checklists and methodologies sync with Apiary
Let’s say there is a typical pentest report. Basically, it’s just a PDF file with all found vulnerabilities. Normally, this would be enough. But if pentest company wants clients to be loyal and returning, they may want to think of ...
28 June 2022
How does Hive save up to 6 hours on each pentest project?
Hexway Hive is an intelligent Red Team workspace made by pentesters for other red teamers to keep some time on the most interesting security things instead of spending time on routine parts. “A very nice work, very responsive interface even ...
Copyright © 2022 Hexway.
All rights reserved
All rights reserved
Stay up to date
Greate!
Check your mail
Thank you for your
demo request!
demo request!
We will be happy to see you as our future user!
Such a pleasure
to hear from you!
to hear from you!
We will answer as soon as possible.
O-oh, you're using mobile device instead of desktop 😕
Come back later from your PC to try all of our features!
Come back later from your PC to try all of our features!
I still want to check out demo, even if it can be crooked
